summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-03-10Merge pull request #1882 from aapostoliuk/T5074-sagittaChristian Breunig
util: T5074: Fixed decoding of certificate value to UTF-8 string
2023-03-10util: T5074: Fixed decoding of certificate value to UTF-8 stringaapostoliuk
Fixed decoding of certificate value returned by vici to UTF-8 string.
2023-03-09xml: T4952: improve interface completion helper CLI experienceChristian Breunig
2023-03-09Merge pull request #1881 from sarthurdev/qos_fixChristian Breunig
qos: T5018: Fix issues between QoS and interface mirror/redirect
2023-03-09qos: T5018: Use configdep to fix interface mirror/redirect issuesarthurdev
This will check if mirror/redirect is present on a QoS interface and use `vyos.configdep` module to update the interface again after QoS is applied.
2023-03-09qos: T5018: Fix interface tc qdisc cleanupsarthurdev
2023-03-09Merge pull request #1877 from sever-sever/T5073Christian Breunig
T5073: IPoE-server fix parse empty range option
2023-03-09Merge pull request #1879 from sever-sever/T5063Christian Breunig
T5063: IPoE-server ethX vlan must not be used with client-subnet
2023-03-09T5063: IPoE-server ethX vlan must not be used with client-subnetViacheslav Hletenko
IPoE-server 'interface ethX vlan xxx' (aka vlan-mon) must not be used with 'interface ethX client-subnet' So instead of shared pool accel-ppp uses the same pool for each dynamically added VLAN eth1 client-subnet '192.0.2.0/24' eth1 vlan '2000-2021' It cause this issue: eth1.2000 range 192.0.2.0/24 (the first client gets address from 192.0.2.2) eth2.2001 range 192.0.2.0/24 (the first client gets address from 192.0.2.2) Only named pools with vlan option must be used.
2023-03-09T5073: IPoE-server fix parse empty range optionViacheslav Hletenko
If the 'client-subnet' is not used we must exclude it from the ipoe.config.j2 template. Otherwise we get wrong empty parameter ',range=,'
2023-03-08Merge pull request #1875 from sever-sever/T5066Christian Breunig
T5066: Fix GRE tunnel variable name which checks keys
2023-03-08T5066: Fix GRE tunnel variable name which checks keysViacheslav Hletenko
2023-03-07frr: T5045: lift LimitNOFILE 1024 -> 4096Christian Breunig
Lift the amount of allowed open file descriptors for the FRR process tree. Required if there are hundreds to thousands interfaces on a system.
2023-03-07Merge pull request #1868 from jestabro/literalDaniil Baturin
op-mode: T5051: use Literal types to provide op-mode CLI choices and API enums
2023-03-07Merge pull request #1872 from sever-sever/T5057Christian Breunig
T5057: Fix IPoE regex Jinja2 for interface
2023-03-07Merge pull request #1870 from sever-sever/T5058Christian Breunig
T5058: Extend template filter range_to_regex to allow list as arg
2023-03-07T5057: Fix IPoE regex Jinja2 for interfaceViacheslav Hletenko
Fix incorrect regex '\d+' when used vlan ranges For example 'ipoe-server interface eth1 vlan 2000-3000' - replace 'interface=re:eth1\.\d+' => 'interface=re:^eth1\.(200\d|20[1-9]\d|2[1-9]\d{2}|3000)$'
2023-03-06T5058: Extend template filter range_to_regex to allow list as argViacheslav Hletenko
Extend template filter 'range_to_regex' Allow list of ranges as argument % range_to_regex(['11-12', '14-15']) '(1[1-2]|1[4-5])'
2023-03-06Merge pull request #1869 from sever-sever/T5056Christian Breunig
T5056: Fix IPoE server template for vlan-mon
2023-03-06T5056: Fix IPoE server template for vlan-monViacheslav Hletenko
After rewriting IPoE server for config.dict the ipoe.config.j2 template wasn't changed for 'vlan-mon' section Fix it
2023-03-06qos: T4989: bugfix dialer interface - speed detectionChristian Breunig
Not all interfaces have valid entries in the speed file. PPPoE interfaces have the appropriate speed file, but you can not read it: cat: /sys/class/net/pppoe7/speed: Invalid argument
2023-03-05op-mode: T5051: use typing.Literal in op-mode scriptsJohn Estabrook
2023-03-05op-mode: T5051: interpret Literal types as enumsJohn Estabrook
2023-03-05op-mode: T5051: add support for Literal arg typesJohn Estabrook
2023-03-04Merge pull request #1862 from jestabro/schema-generateChristian Breunig
graphql: T5040: generate schema on installation, rather than dynamically
2023-03-03graphql: T5040: use path from defaultsJohn Estabrook
2023-03-02Merge pull request #1865 from jbordongit/T4916-sagittaChristian Breunig
ipsec: T4916: Fixed migrations script
2023-03-03ipsec: T4916: Fixed migrations scriptjbordongit
* removed unused `re` from imports * replaced `return_value()` to `return_values()` for `remote-address` because this is a multi-value configuration node
2023-03-02Merge pull request #1864 from jestabro/system-login-errorChristian Breunig
login: T5039: catch error on 'my_set' for auth plaintext-password
2023-03-02Merge pull request #1863 from sarthurdev/T5039Christian Breunig
login: T5039: Support hashing rounds in `encrypted-password` values
2023-03-02login: T5039: catch error on 'my_set' for auth plaintext-passwordJohn Estabrook
2023-03-02login: T5039: Support hashing rounds in `encrypted-password` valuessarthurdev
Since glibc 2.7, the SHA-256 and SHA-512 implementations support a user-supplied number of hashing rounds, defaulting to 5000. If the "$id$" characters in the salt are followed by "rounds=xxx$", where xxx is an integer, then the result has the form $id$rounds=yyy$salt$encrypted where yyy is the number of hashing rounds actually used. The number of rounds actually used is 1000 if xxx is less than 1000, 999999999 if xxx is greater than 999999999, and is equal to xxx otherwise.
2023-03-01qos: T4989: bugfix missing firewall mark supportChristian Breunig
2023-03-01graphql: T5040: adjust smoketest for nullable keyJohn Estabrook
Since 'key' field is no longer required, a missing key will register an error in the resolver, instead of being rejected as bad request.
2023-03-01graphql: T5040: generate schema in vyos-1x.postinstJohn Estabrook
2023-03-01graphql: T5040: fail gracefully if not on live system; needed for importJohn Estabrook
For type introspection of op-mode scripts, scripts are loaded as modules. For generation of schema from type introspection, it is useful to load scripts during package installation, hence to fail gracefully if not on live system.
2023-03-01graphql: T5040: use nullable key field to allow schema static generationJohn Estabrook
Schema had been dynamically generated, based on configuration setting for authentication. Add nullable field 'key' for static generation of schema regardless of key/token use.
2023-03-01Merge pull request #1854 from Yuanandcircle/currentChristian Breunig
policy: T5035: Add more actions to policy route rule
2023-02-28qos: T4284: add general debug output in update()Christian Breunig
2023-02-28T4967: xml: provide re-usable constraint for CLI host-name definitionsChristian Breunig
2023-02-28Merge pull request #1857 from nicolas-fort/nft_queueChristian Breunig
T5037: Firewall: Add queue action and options to firewall
2023-02-28Merge pull request #1860 from sever-sever/T4967Christian Breunig
T4967: Allow setting container hostname
2023-02-28T4967: Allow setting container hostnameViacheslav Hletenko
Ability setting container hostname This host name is used as /etc/hostname set container name <tag> host-name 'mybox'
2023-02-28T5037: Firewall: Add queue action and options to firewallNicolas Fort
2023-02-28Merge branch 'vyos:current' into currentYouyuan
2023-02-28Merge pull request #1800 from vfreex/feature-babelChristian Breunig
T4977: Add Babel routing protocol support
2023-02-28Merge pull request #1784 from Zen3515/current-add-container-command-argChristian Breunig
container: T4014: Add `command`, `arg` and `entrypoint` configuration options for containers
2023-02-28Merge pull request #1853 from sever-sever/T5033Christian Breunig
T5033: Ability to generate muliple keys from a file or link
2023-02-28Merge pull request #1858 from jestabro/typo-openvpnChristian Breunig
openvpn: T4770: fix tabulate output in _format_openvpn
2023-02-27openvpn: T4770: fix tabulate output in _format_openvpnJohn Estabrook